Subject: | |
From: | |
Reply To: | |
Date: | Fri, 8 Jun 2012 16:46:56 +0200 |
Content-Type: | multipart/signed |
Parts/Attachments: |
|
|
Hello everyone!
Am Freitag, 8. Juni 2012, 08:44:35 schrieben Sie:
> And in this day and age with password sniffing
> going on over local networks by zombied machines and happening as a matter
> of government policy worldwide in data centers, and the historic firewall
> wackiness with FTP's 2 channel communications, *WHY* is your client using
> FTP for anything that is password based? You can cross-hook it to normal
> logins, true, but this is a really bad idea for basic security reasons and
> should be avoided wherever feasible.
Thanks for that hint!
I just found that old server and decided to move the service onto a new host
(and non EOL distro) to integrate it with the rest of the infrastructure (and
get security updates). I will suggest to the clients to use another service
that is less of a security problem.
> Or are they using FTPS?
So far I found no client that reliably supports FTPS. Especially nothing that
comes with the OS "by default" (I tried Chrome, Firefox, KDE/Dolphin). Can you
suggest one?
Kind regards,
Dennis Schridde
|
|
|